Search

Categories

Archives

Email Phishing Scam Targets Rackspace Customers

September 29th, 2017 by Shawn Kerr

A new email phishing scam is targeting Rackspace customers and, therefore, the hosting clients of InsideOut Solutions. We urge our customers, and anyone who uses Rackspace, to learn what they need to know to avoid compromising their online security.

What Is an Email Phishing Scam?

“Phishing” is a malicious, unsolicited attempt by a third party to gain access to sensitive online account information such as username, password, and/or credit card details. These attempts are typically made parties disguising themselves as a well-known and trusted source.

Email phishing occurs when the phishing attempt is made via an email. Other phishing sources include phone call, mail, online in-session, and even SMS text messaging.

How to Know If You’re Being “Phished” by This Scam

It’s important to know what to look for in any unexpected email you receive. In the case of this email phishing scam, look for the following:

A Legitimate Sender Email Address

As with any email message you receive, don’t go by the “sender name” as this can be easily “spoofed.”

In the case of this scam, the sender name is “Rackspace” or some variation thereof. Make sure that, however you access your email messages, that you are able to view the actual sending email address (and, even then be skeptical as email addresses may also be spoofed by scammers).

In the case of the sample I received, the sending email address was: drmike@rcs-ca.com

Certainly, you would expect an email from Rackspace to come from an rackspace.com email address. A whois check of rcs-ca.com shows that this domain has private registration (i.e. hiding it’s true ownership identity) so this message already “smells phishy.”

Legitimate Link URLs

Even if you can’t see the actual sender email address easily, you can spot obviously suspicious link URLs in the body of an email. Here is the sample message sent by drmike@rcs-ca.com

Dear Customer,

Thank you for choosing Rack space.

We are currently upgrading our server to give you the best of our service. We require you to upgrade your account details to avoid service being interrupted. A separate confirmation e-mail will be sent with your contract terms and conditions once your upgrade has been successfully processed.

For more details please log in to your Rackspace Control Panel:

http://cp.rackspace.com.nevs.net.au

Sincerely,

Sebastian GonzalezRackspace Head of Customer Service

Did you see the link URL? Look at it again:

http://cp.rackspace.com.nevs.net.au

This is a classic example of a phishing attempt. The URL of the link has “rackspace.com” in it, but ends it with “nevs.net.au” – certainly suspicious and shouldn’t be clicked.

Some phishing scam emails are more crafty and will attempt to hide the actual URLs of their links. As with email addresses, there are ways to discover what the actual URL of links are and these methods depend on the email client, app or webmail system you use.

Our Managed Web Hosting Protects You

InsideOut Solutions is a managed web hosting service provider. That means we take care of all aspects of our clients’ web hosting.

With the one exception of the few clients than administer their own email, Rackspace (our hosting platform) will not contact you with updates, issues, etc. They contact us and, if necessary, we contact you to resolve any issue requiring your input.

Need a Better Web Hosting Solution?

If you are finding your current web host unhelpful and unresponsive, we invite you to contact us today to learn more about our managed hosting service and how it will free you up to focus on what matters: running your business.